Can AI Help Stop Data Breaches?
A data breach can be really bad news for businesses, destroying reputations, eroding trust and costing money.
Security breaches aren’t confined to small companies either, with big names such as eBay, Equifax and Adobe all having had problems in this area.
Any sensible business will have a suite of data protection and security tools at its disposal and with the continuing development of Artificial Intelligence, it makes sense to ask whether AI can help.
What kind of threats are there?
Probably the most common form of threats are of the unsophisticated Phishing and Spear Phishing type. They are the most regularly seen because they require less effort from the fraudsters which in turn means that they rely upon volume to find people naive enough to click on an unsolicited link.
Whilst many hacks are of the old ‘multi-billionaire in a foreign country’ type, scammers move on and develop increasingly creative ways to part people and their businesses from their money. A good example here would be the ‘family emergency scam’.
Covid has meant that many more of us are working from home and in turn, connecting from insecure access points. Gaining access to data through unencrypted open WiFi is a well-known method of breaking into a company’s usually secure network.
User-error accounts for the vast majority of unauthorized system access and often this means using passwords like “12345” or the name of a pet. Whilst education goes a long way, the truth is that you’ll never stop people doing stupid stuff and all an organized hacker needs is to beat your defense once.
Automated hacking with DDOS and script-led attacks can come from a relatively inexperienced juvenile in their mom’s basement, or in more sophisticated forms from hacktivists or nation-state actors.
Naturally, the latter types of attacks tend to be more sophisticated in nature and rather than disrupting systems they tend to be more about stealing data although the UK NHS wannacry attack in 2017 is often put down to a North Korean group.
How can AI help?
Perhaps the place to start is to understand what types of vulnerability your organization has and companies are developing AI products that will carry out penetration tests mimicking what so-called ‘black hat’ hackers may do.
This is important because as technology advances then we know that there is always someone out there that will use it for negative purposes. There are already suggestions that larger hacking groups have utilized machine learning and AI in developing attacks and it makes sense to mimic these in our attempts to understand how they would get in.
AI has the ability to sift through gargantuan amounts of data and organize this incredibly rapidly. It can see patterns emerging within seconds and whilst this is nothing new (after all, dumb systems can do this), what is new is that it can formulate and distribute a response almost as quickly.
When your business is under attack, speed is of the essence and so the learning capability of AI to know when it is being threatened, understand the consequences and then creatively produce a defense will be key.
Data collection and collation is also useful when we see attacks hitting other organizations around the world.Consider this; how long would it take you to collect and analyze all of the attacks that have happened globally in the last 24 hours? How quickly could you start to see patterns and then formulate a response?
With a connected AI solution it is possible to spot trends emerging on the other side of the world and prepare a defense before the organization is attacked.
User behavior is an area that potentially leaves any business vulnerable and AI can help with this too.
An AI system can learn patterns of user behavior, the geographical location where they log in, which systems they access, what areas they visit, and then immediately spot when user behavior changes. This would highlight where their password has been compromised for instance.
Is AI the complete answer?
Using Artificial Intelligence to counter malevolent actors is a sensible move and as more companies develop solutions it is becoming more accessible for even very small businesses but it would be wrong to suggest that AI is the complete answer.
As we have seen recently, AI doesn’t always get it right and so there will continue to be a need for human interaction.
It seems a bit of a cop-out to invest in a potentially expensive solution when in many cases better security is simply a matter of user education.
Explaining to people how phishing works, why secure passwords are important and how they can spot and report potentially harmful apps is a fairly simple process and doesn’t have to be expensive.
VPNs are also a low-cost method of securing networks.
Well, it’s a really helpful solution to the problem of data interception. It encrypts communications from a user’s device when they are connected to insecure networks and, for the sake of risk management, let’s assume that all networks outside of your business one are insecure.
Encrypting the data on your own device is fine, but when you connect over an open network then the data transfer is not encoded. A VPN fixes this.
So can AI help with data security?
Well, there is no doubt that a properly developed AI solution can help massively with data security in any organization.
The speed of processing, together with the amount of data that a good solution can cope with means that it can spot, assess and deal with threats much quicker than a human.
But AI isn’t always the perfect answer. As with many things, using a blended approach can give a better outcome.
User education, and hardening systems access also has a role to play.
But with more and more companies developing AI apps it is clear that not only will quality get better, but accessibility will also increase meaning that companies of any size will be able to take advantage of AI for data security in the near future.